You may submit reports of suspected phishing or pharming DNS abuse directly to Trustname at any time.
Reporters are strongly encouraged to first contact the relevant Internet Service Provider (ISP), Web Hosting Provider, or the domain registrant, as these parties often have direct control over server infrastructure and can typically mitigate malicious content more quickly.
However, prior contact with any third party is not required, and Trustname will review all properly submitted DNS Abuse reports regardless of whether such contact has occurred.
Key Takeaways
- Remember to Contact the Web Host Too – Reports of suspected phishing or pharming DNS abuse may be submitted directly to Trustname at any time. Reporters are strongly encouraged to contact the ISP, hosting provider, or registrant for faster mitigation, but prior contact is not required.
- Submitting a Report to Us – If the problem persists, reports can be filed through our Abuse Report Form, including clear evidence like live site links and email headers.
- Investigation and Actions – Upon receiving a report, we issue a case number, investigate, and may disable name servers or engage the registrant if the domain is clearly used for phishing or pharming.
- Limits of Our Authority – Our actions are bound by ICANN and Estonian law; we can only act on valid court orders from specified jurisdictions and do not control website content.
- Our Commitment – We track all complaints to enhance anti-abuse processes and contribute to a safer online environment, addressing verified threats such as phishing, malware, and DNS abuse.
TABLE OF CONTENTS
- Key Takeaways
- Definition
- Your Action Plan
- Additional Complaint Requirements For Phishing
- What Will Happen
- Please Keep In Mind
- Remember
Definition
Phishing is the attempt to obtain sensitive personal, corporate, or financial information (e.g. account numbers, login IDs, passwords, payment details) through fraudulent or "look-alike" emails or websites that purposefully masquerade as trustworthy sources. Pharming is a type of redirection that leads to fraudulent websites or services. Often, phishing and pharming occur simultaneously.
Your Action Plan
- Because a domain registrant or hosting account holder may be unaware of phishing, pharming, or similar abuse conducted through their domain, we recommend that you also notify the domain registrant directly when submitting a report, so they can investigate and remediate the issue promptly.
You can contact them using the information you find by performing a Whois lookup on the Registrar’s website or via a generic service; this may be a link to a contact form or their email address.
Look for a line that starts with "Registrant Email". If they are using our Whois Privacy Protection Service (WHOISPPS), you can use the contact privacy form. Please note that we have no control over the content of websites hosted on domains registered with us or any of our registrars.
- Complainants submitting legal documentation from outside the European Union must first proceed through the appropriate Mutual Legal Assistance Treaty (MLAT) channels to ensure full compliance with EU legal requirements.
- If you still believe Trustname can help you, you may submit a report here - Abuse Report Form - Phishing & Pharming.
Additional Complaint Requirements For Phishing
- The domain name, brand, or business the phish is mimicking.
- The website must be live and contain a login area.
- An example phishing email, including the full email header information.
If we cannot determine what abuse is taking place, cannot verify or confirm the abuse, or if the activities fall outside the registrar's abuse policy, Trustname will be unlikely to take action.
What Will Happen
Upon receipt of such a request via our Abuse Report Form,Trustname will:
- Respond with a case number.
- Review the site and investigate your complaint, including validating the court order. Please note that we, as a Registrar, will only accept court orders issued by or domesticated in the courts of Estonia, Germany, Canada, or the United States.
- If it is clearly a phishing or pharming site, we will either expeditiously reset its Name Servers so that they do not point to any site or work with the registrant to resolve an issue where a malicious actor has gained control of their site to use it for phishing or pharming.
Please Keep In Mind
- We cannot guarantee any particular outcome, but we will review your complaint and contact you only if necessary.
- Your complaint will be evaluated on its merits and addressed as appropriate.
- You will not receive any updates regarding the evaluation or outcome of the complaint. It is entirely at the discretion of the domain registrant whether or not to respond to you.
- We reserve the right to use your complaint to prove abuse to our customer, if necessary.
- Complaints are tracked by our team to improve anti-abuse processes and mitigate threats.
- If you submit your report using the Abuse Report Form, you will not receive further notification of receipt for additional submissions from your email address within 24 hours.
- The support code to submit this type of abuse report is S7Q-PSNG-Y9W.
Remember
- Limited Role – Domain name Registrars, such as Trustname, only maintain the system of domain names (example.org) that uniquely identify websites. They are not responsible for the content of the sites to which those domain names point.
This means that if you dislike a site or its content, you should first contact the domain owner, then the service that hosts the site (web hosting service), and, if necessary, your local law enforcement authorities. As a domain Registrar, we can only act on court orders issued by or domesticated in the courts of Estonia, Germany, Canada, or the United States.
- ICANN Compliance – According to the ICANN Registrar Accreditation Agreement (RAA) and Estonian law, as a Registrar, we are not authorized to take independent action against a domain based on third party allegations. The responsibility for content and activities related to a domain lies with its administrator.
However, in accordance with our role as an accredited Registrar, we will take action against a domain administrator if we receive a valid court order or a request from an ICANN-recognized authority.
- Our responsibilities – As a Registrar, we include addressing issues such as Botnets, Malware, Pharming, Phishing, Spam, DNS security threats, and trademark infringement, as detailed by ICANN. For more information and our recommended solutions to these issues, please refer to the related articles on ICANN's website.